How to Configure and Integrate iRedMail Services to Samba4 AD DC – Part 11

If You Appreciate What We Do Here On TecMint, You Should Consider:

  1. Stay Connected to: Twitter | Facebook | Google Plus
  2. Subscribe to our email updates: Sign Up Now
  3. Get your own self-hosted blog with a Free Domain at ($3.95/month).
  4. Become a Supporter - Make a contribution via PayPal
  5. Support us by purchasing our premium books in PDF format.
  6. Support us by taking our online Linux courses

We are thankful for your never ending support.

Matei Cezar

I’am a computer addicted guy, a fan of open source and linux based system software, have about 4 years experience with Linux distributions desktop, servers and bash scripting.

Your name can also be listed here. Got a tip? Submit it here to become an TecMint author.

RedHat RHCE and RHCSA Certification Book
Linux Foundation LFCS and LFCE Certification Preparation Guide

You may also like...

6 Responses

  1. Trevor Lewis says:

    Hi, thanks in advance for the series of articles they proved very helpful in getting my setup completed, even managed to get iRedMail/SOGo integrated with AD users.

    My question is, how do I create alias domains e.g [email protected] maps to [email protected].

    TIA
    Trevor

  2. Dmitriy Tkachenko says:

    Expression “ldapsearch -x -h tecmint.lan -D ‘[email protected]’ -W -b ‘cn=users,dc=tecmint,dc=lan'” won’t work. We get:

    "ldap_bind: Strong(er) authentication required (8)
    additional info: BindSimple: Transport encryption required."
    

    In last versions of samba there were some security updates applied restricting external applications to connect to AD using LDAP, unless they do not use or support TLS encrypted connections.

    To overcome this obstacle we should edit DC smb.conf in the following manner. Please add this string in [global] section:

    ldap server require strong auth = no
    

    And restart AD service:

    systemctl restart samba-ad-dc.service
    

    Not sure, whether we shall do such settings on the second DC server.

    • Matei Cezar says:

      ldap server requires strong auth = no parameter should be set to the second DC as well. When the LDAP client queries the domain it won’t know which dc server will receive and serve the query first.

  3. david says:

    Hi,
    I have this error when I type telnet mailhost 143

    In /var/log/dovecot.log, i have:

    imap([email protected]): Error Couldn't drop privileges: User i missing GID (see mail_gid setting)
    imap: Error: Internal error occurred, Refer to server information.

    Could you help me, please? Thank you

  4. david says:

    By typing the following command I’ve got the error.

    # postmap -q [email protected]  ldap:/etc/postfix/ad_sender_login_maps.cf
    

    I have the following error :

    postmap: warning: dict_ldap_lookup: Search error -7: Bad search filter
    postmap: fatal: table ldap:/etc/postfix/ad_sender_login_maps_cf: query error:Success
    

    Could you help me please ? Thank you.

  5. david says:

    Thank you very much for this article, there is a typing error in systemd the service is networking.service and not network.service.

Got something to say? Join the discussion.

Your email address will not be published. Required fields are marked *